東華大學圖書館 |

語系: 繁體中文

說明(常見問題)

回圖書館首頁

手機版館藏查詢

登入

回首頁

切換: 標籤 | MARC模式 | ISBD

FindBook

Google Book

Amazon

博客來

On IoT Security from an End-to-End Perspective.

紀錄類型:	書目-電子資源 : Monograph/item
正題名/作者:	On IoT Security from an End-to-End Perspective./
作者:	Gao, Chao.
出版者:	Ann Arbor : ProQuest Dissertations & Theses, : 2022,
面頁冊數:	182 p.
附註:	Source: Dissertations Abstracts International, Volume: 83-09, Section: B.
Contained By:	Dissertations Abstracts International83-09B.
標題:	Computer science. -
電子資源:	http://pqdd.sinica.edu.tw/twdaoapp/servlet/advanced?query=28863941
ISBN:	9798790657894

On IoT Security from an End-to-End Perspective.
Gao, Chao.

On IoT Security from an End-to-End Perspective. - Ann Arbor : ProQuest Dissertations & Theses, 2022 - 182 p.

Source: Dissertations Abstracts International, Volume: 83-09, Section: B.

Thesis (Ph.D.)--University of Massachusetts Lowell, 2022.

This item must not be sold to any third party vendors.

With the rapid development of the Internet of Things (IoT), more and more small devices are connected to the Internet for monitoring, control, and data collection. Because of its flexibility, convenience, and intelligence, IoT has attracted great interest in the industry and has broad applications, such as smart home, smart city, smart healthcare, and smart environment. However, security issues are one of the most important issues of the Internet of Things. In this dissertation, we present an end-to-end view of IoT security and privacy as well as multiple case studies.We first case study the Edimax smart plug system by exploiting its communication protocols and successfully launching four attacks: device scanning attack, brute force attack, spoofing attack, and firmware attack. Our real-world experimental results show that we can obtain the authentication credentials from the users by performing these attacks. We then introduce our end-to-end view of the IoT system, which can guide the risk assessment and design of the IoT system. Based on this view, we systematically present security and privacy requirements in terms of IoT system from five dimensions, including hardware, operating system/firmware, software, networking, and data generated and maintained within the system. Based on our view, we propose a secure lightweight and thing-centered IoT communication system based on MQTT, SecT, in which a device/thing authenticates users. We implemented a prototype of SecT on a $10 Raspberry Pi Zero W and performed extensive experiments to validate its performance. The experiment results show that SecT is both cost-effective and practical. We study the security of microcontroller (MCU) based IoT firmware. We investigate the security issues that may exist in the firmware update process of MCU based IoT applications. We also investigate secure firmware update mechanisms for a legacy MCU ATmega1284P and discuss pitfalls that may occur in implementations. Finally, we introduce a cost-effective system to transform legacy IR controlled devices into Internet connected smart IoT devices through a Raspberry Pi with an IR transceiver module. We analyze the factors that affect the IR transmission range and discuss the security implications of IR communication using our setup and demonstrate attack scenarios.The overall goal of this dissertation is to discover security issues in the IoT systems from an end-to-end perspective, and raise the alarm for the IoT device manufacturers to put security at a higher priority of their products. We propose an end-to-end view of the IoT system, which can guide the design of a secure and privacy preserving IoT system. Based on the end-to-end view of the IoT system, we present some reliable designs for a secure IoT system from different dimensions.

ISBN: 9798790657894Subjects--Topical Terms:

523869
Computer science.
Subjects--Index Terms:

IoT

On IoT Security from an End-to-End Perspective.
LDR:03834nmm a2200337 4500 001 2350366
005 20221020125744.5
008 241004s2022 ||||||||||||||||| ||eng d
020 $a 9798790657894
035 $a (MiAaPQ)AAI28863941
035 $a AAI28863941
040 $a MiAaPQ $c MiAaPQ
100 1 $a Gao, Chao. $3 1684494
245 1 0 $a On IoT Security from an End-to-End Perspective.
260 1 $a Ann Arbor : $b ProQuest Dissertations & Theses, $c 2022
300 $a 182 p.
500 $a Source: Dissertations Abstracts International, Volume: 83-09, Section: B.
500 $a Advisor: Fu, Xinwen.
502 $a Thesis (Ph.D.)--University of Massachusetts Lowell, 2022.
506 $a This item must not be sold to any third party vendors.
520 $a With the rapid development of the Internet of Things (IoT), more and more small devices are connected to the Internet for monitoring, control, and data collection. Because of its flexibility, convenience, and intelligence, IoT has attracted great interest in the industry and has broad applications, such as smart home, smart city, smart healthcare, and smart environment. However, security issues are one of the most important issues of the Internet of Things. In this dissertation, we present an end-to-end view of IoT security and privacy as well as multiple case studies.We first case study the Edimax smart plug system by exploiting its communication protocols and successfully launching four attacks: device scanning attack, brute force attack, spoofing attack, and firmware attack. Our real-world experimental results show that we can obtain the authentication credentials from the users by performing these attacks. We then introduce our end-to-end view of the IoT system, which can guide the risk assessment and design of the IoT system. Based on this view, we systematically present security and privacy requirements in terms of IoT system from five dimensions, including hardware, operating system/firmware, software, networking, and data generated and maintained within the system. Based on our view, we propose a secure lightweight and thing-centered IoT communication system based on MQTT, SecT, in which a device/thing authenticates users. We implemented a prototype of SecT on a $10 Raspberry Pi Zero W and performed extensive experiments to validate its performance. The experiment results show that SecT is both cost-effective and practical. We study the security of microcontroller (MCU) based IoT firmware. We investigate the security issues that may exist in the firmware update process of MCU based IoT applications. We also investigate secure firmware update mechanisms for a legacy MCU ATmega1284P and discuss pitfalls that may occur in implementations. Finally, we introduce a cost-effective system to transform legacy IR controlled devices into Internet connected smart IoT devices through a Raspberry Pi with an IR transceiver module. We analyze the factors that affect the IR transmission range and discuss the security implications of IR communication using our setup and demonstrate attack scenarios.The overall goal of this dissertation is to discover security issues in the IoT systems from an end-to-end perspective, and raise the alarm for the IoT device manufacturers to put security at a higher priority of their products. We propose an end-to-end view of the IoT system, which can guide the design of a secure and privacy preserving IoT system. Based on the end-to-end view of the IoT system, we present some reliable designs for a secure IoT system from different dimensions.
590 $a School code: 0111.
650 4 $a Computer science. $3 523869
650 4 $a Artificial intelligence. $3 516317
650 4 $a Information technology. $3 532993
653 $a IoT
653 $a Security
690 $a 0984
690 $a 0489
690 $a 0800
710 2 $a University of Massachusetts Lowell. $b Computer Science. $3 3434885
773 0 $t Dissertations Abstracts International $g 83-09B.
790 $a 0111
791 $a Ph.D.
792 $a 2022
793 $a English
856 4 0 $u http://pqdd.sinica.edu.tw/twdaoapp/servlet/advanced?query=28863941